None.

None.

None.

Workaround: Enter a comma-separated list of all the patch bundles, including PATCH (Drift).

Workaround: Perform the bundle cleanup of VxRail async patch 7.0.410 by following the steps in KB 75050.

Workaround:

• If you have not started the upgrade process, verify that the root password is 365 days or more older. Change the root password before start upgrade process.

• If your upgrade reached the failed state, change the root password and retry the upgrade process.

  • Login to SDDC manager using old vcf and root passwords

  • Reset the vcf and root passwords using passwd vcf and passwd root commands

  • Go to SDDC UI and restart the failed work flow

See KB artcle 89978 for more information.

Workaround: Schedule SDDC Manager upgrades for a time when no virtual machine reconfiguration tasks are happening in the management domain. If you encounter this issue, wait for the other tasks to complete and then retry the upgrade.

Workaround: Each vCenter Server instance must be upgraded separately.

Workaround: Deactivate and reactivate vCLS on the cluster to deploy all the vCLS agent VMs to shared storage.

1. Check the placement of the vCLS agent VMs for each cluster in your environment.

   1. In the vSphere Client, select Menu > VMs and Templates.

   2. Expand the vCLS folder.

   3. Select the first vCLS agent VM and click the Summary tab.

   4. In the Related Objects section, check the datastore listed for Storage. It should be the vSAN datastore. If a vCLS agent VM is on local storage, you need to deactivate vCLS for the cluster and then re-enable it.

   5. Repeat these steps for all vCLS agent VMs.

2. Deactivate vCLS for clusters that have vCLS agent VMs on local storage.

   1. In the vSphere Client, click Menu > Hosts and Clusters.

   2. Select a cluster that has a vCLS agent VM on local storage.

   3. In the web browser address bar, note the moref id for the cluster.

      For example, if the URL displays as https://vcenter-1.vrack.vsphere.local/ui/app/cluster;nav=h/urn:vmomi:ClusterComputeResource:domain-c8:503a0d38-442a-446f-b283-d3611bf035fb/summary, then the moref id is domain-c8.

   4. Select the vCenter Server containing the cluster.

   5. Click Configure > Advanced Settings.

   6. Click Edit Settings.

   7. Change the value for config.vcls.clusters.<moref id>.enabled to false and click Save.

      If the config.vcls.clusters.<moref id>.enabled setting does not appear for your moref id, then enter its Name and false for the Value and click Add.

   8. Wait a couple of minutes for the vCLS agent VMs to be powered off and deleted. You can monitor progress in the Recent Tasks pane.

3. Enable vCLS for the cluster to place the vCLS agent VMs on shared storage.

   1. Select the vCenter Server containing the cluster and click Configure > Advanced Settings.

   2. Click Edit Settings.

   3. Change the value for config.vcls.clusters.<moref id>.enabled to true and click Save.

   4. Wait a couple of minutes for the vCLS agent VMs to be deployed and powered on. You can monitor progress in the Recent Tasks pane.

4. Check the placement of the vCLS agent VMs to make sure they are all on shared storage

Workaround: Do not run multiple parallel prechecks. If you do, wait until the prechecks are complete to evaluate the results.

Workaround: Ensure that the TPM is configured in the ESXi host's BIOS to use the SHA-256 hashing algorithm and the TIS/FIFO (First-In, First-Out) interface and not CRB (Command Response Buffer). For information about setting these required BIOS options, refer to the vendor documentation.

Workaround: Use the following guidance to plan your upgrades and prechecks for workload domains that use vSphere Lifecycle Manager images.

• For parallel upgrades, VMware Cloud Foundation supports up to five workload domains with up to five clusters each.

• For parallel prechecks, VMware Cloud Foundation supports up to three workload domains with up to four clusters each.

• Do not run parallel upgrades and prechecks at the same time.

Workaround: To get the best performance when upgrading multiple workload domains in parallel using the VMware Cloud Foundation API, do not include multiple resource upgrade specifications (resourceUpgradeSpec) in a single domain upgrade call. Instead, invoke the domain upgrade multiple times with a single resourceUpgradeSpec for each workload domain.

You can also use the SDDC Manager UI to trigger multiple parallel upgrades across workload domains.

Workaround: Upgrade vRealize Suite Lifecycle Manager to version 8.8.2 or higher. See Upgrade vRealize Suite Lifecycle Manager for VMware Cloud Foundation.

Workaround:

1. Log in to the NSX Manager UI.

2. Click System > Backup & Restore.

3. Click Edit for the SFTP Server.

4. Remove the existing SSH fingerprint and click Save.

5. Click Add to add the server provided fingerprint.

6. Click Save.

7. Retry the NSX-T Data Center upgrade from the SDDC Manager UI.

Always perform an update precheck to validate the health status of the clusters. Resolve any issues before upgrading.

Disable the update precheck validation for the subsequent NSX-T Data Center update.

1. Log in to SDDC Manager as vcf using a Secure Shell (SSH) client.

2. Open the application-prod.properties file for editing: vi /opt/vmware/vcf/lcm/lcm-app/conf/application-prod.properties

3. Add the following property and save the file: lcm.nsxt.suppress.prechecks=true

4. Restart the life cycle management service: systemctl restart lcm

5. Log in to the SDDC Manager user interface and proceed with the update of NSX-T Data Center.

Contact VMware support.

Workaround: Set the maximum lifetime password policy to something other than zero and retry the precheck.

See: KB 85505

Workaround: None.

See KB 89990 for more information.

Log in to the VM console of the Cloud Foundation Builder VM as the root user. Unlock the account by resetting the password of the admin user with the following command:

pam_tally2 --user=<user> --reset

Workaround:

1. Click File > Info in the Deployment Parameter Workbook.

2. Click Unprotect for the Hosts and Networks worksheet.

3. Modify the formula in the cell below the profile selection (B23) to have the following value:

   =IF(E22="Profile-1",Lookup_Lists!C2,IF(E22="Profile-2",Lookup_Lists!C3,IF(E22="Profile-3",Lookup_Lists!C5,)))

4. Protect the Hosts and Networks sheet again.

Workaround: To clear the expired password/disconnected alert in SDDC Manager:

1. Log in to the affected vRealize Operations Manager node and update the virtual appliance admin password.

2. In SDDC Manager, remediate (or rotate or update) the password for the expired account. Or, use the VMware Cloud Foundation API to run POST /v1/credentials/expirations.

Workaround: Use the NSX Manager API or CLI to manually update the DNS/NTP server information for the remaining NSX Manager(s).

Workaround: The correct URL for downloading the SDDC Manager OVA for VMware Cloud Foundation 4.5 is: https://depot.vmware.com/PROD2/evo/vmw/sddcmanagerova/VCF-SDDC-Manager-Appliance-4.5.0.0-20612863.tar.

Workaround: Run SoS commands as the root user or apply the workaround in KB 91104.

Workaround: None. If you are using perpetual licenses, the subscription information is not relevant.

Workaround: Run the following command using the FQDN of the failed resource(s) to ensure name resolution is successful and then retry the NTP server configuration.

nslookup <FQDN>

Workaround: Use the vSphere Client to confirm the actual default identity source.

Workaround: Use a different web browser.

Workaround:Use the vRealize Suite Lifecycle Manager UI to refresh the vCenter data collection from the vRealize Suite Lifecycle Manager settings page and then retry the deployment.

Workaround: Manually disable CEIP in vRealize Automation and vRealize Suite Lifecycle Manager. For more information, see VMware vRealize Automation Documentation and VMware vRealize Suite Lifecycle Manager Documentation.

1. Log in to the UI for the component to troubleshoot and resolve any issues.

2. Using SSH, log in to the SDDC Manager VM with the user name vcf.

3. Type su to switch to the root account.

4. Run the following command: systemctl restart operationsmanager

5. Retry generating the CSR.

None.

1. Before adding the host, add a new portgroup to the VDS for that cluster.

2. Tag the new portgroup with the VLAN ID of the host to be added.

3. Add the Host. This workflow fails at the "Migrate host vmknics to dvs" operation.

4. Locate the failed host in vCenter, and migrate the vmk0 of the host to the new portgroup you created in step 1. For more information, see Migrate VMkernel Adapters to a vSphere Distributed Switch in the vSphere product documentation.

5. Retry the Add Host operation.

NOTE: If you later remove this host in the future, you must manually remove the portgroup as well if it is not being used by any other host.

Attach the Transport node profile to the cluster and try deploying the partner service. After the service is deployed, detach the transport node profile from the cluster.

1. Upgrade the witness host manually with the matching ESXi version using the vCenter VUM functionality.

2. Replace or deploy the witness appliance matching with the ESXi version.

Update the hosts inventory in OMIVV and retry the add host task in the SDDC Manager UI. See the Dell documentation for information about updating the hosts inventory in OMIVV.

1. Enable SSH for the NSX Manager VMs.

2. SSH into the NSX Manager VMs as admin and then log in as root.

3. Run the following command on each NSX Manager VM: sysctl -w net.ipv4.tcp_en=0

4. Login to NSX Manager UI for the workload domain.

5. Navigate to System > Fabric > Nodes > Host Transport Nodes.

6. Select the vCenter server for the workload domain from the Managed by drop-down menu.

7. Expand the vSphere cluster and navigate to the transport nodes that are in a partial success state.

8. Select the check box next to a partial success node, click Configure NSX.

9. Click Next and then click Apply.

10. Repeat steps 7-9 for each partial success node.

When all host issues are resolved, transport node creation starts for the failed nodes. When all hosts are successfully created as transport nodes, retry the failed add vSphere cluster or add host task from the SDDC Manager UI.

Enable CEIP in SDDC Manager. See the VMware Cloud Foundation Documentation. After CEIP is enabled, a scheduled task that enables the vSAN Performance Service on existing clusters in workload domains runs every three hours. The service is also enabled for new workload domains and clusters. To enable the vSAN Performance Service immediately, see the VMware vSphere Documentation.

1. Enable Large Cluster Support for the vSAN cluster in the vSphere Client. If it is already enabled skip to step 2.

   1. Select the vSAN cluster in the vSphere Client.

   2. Select Configure > vSAN > Advanced Options.

   3. Enable Large Cluster Support.

   4. Click Apply.

   5. Click Yes.

2. Run a vSAN health check to see which hosts require rebooting.

3. Put the hosts into Maintenance Mode and reboot the hosts.

For more information about large cluster support, see https://kb.vmware.com/kb/2110081.

• For host removal: Delete the Service VM from the host and retry the operation.

• For cluster deletion: Delete the service deployment for the cluster and retry the operation.

• For workload domain deletion: Delete the service deployment for all clusters in the workload domain and retry the operation.

If you want to add an NFS datastore with a different datastore name, then it must use a different NFS server IP address.

Make sure the cluster has a powered-on VM with an operating system installed before stretching the cluster.

Workaround: Customers are advised to upgrade VMware vRealize Suite Lifecycle Manager to a newer version by following the instructions in Upgrade vRealize Suite Lifecycle Manager for VMware Cloud Foundation. See the VMware Interoperability Matrix for information about which versions of VMware vRealize Suite Lifecycle Manager are supported with your version of VMware Cloud Foundation.

Workaround: None. Do not upgrade to vRealize Log Insight 8.10. This issue does not affect earlier versions of vRealize Log Insight (for example, 8.8).

Workaround: None

Workaround: Log in to vRealize Suite Lifecycle Manager to identify and troubleshoot the failed environment(s).